ice_validator/tests/test_allowed_address_pair_format.py

   1 # -*- coding: utf8 -*-
   2 # ============LICENSE_START====================================================
   3 # org.onap.vvp/validation-scripts
   4 # ===================================================================
   5 # Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6 # ===================================================================
   7 #
   8 # Unless otherwise specified, all software contained herein is licensed
   9 # under the Apache License, Version 2.0 (the "License");
  10 # you may not use this software except in compliance with the License.
  11 # You may obtain a copy of the License at
  12 #
  13 #             http://www.apache.org/licenses/LICENSE-2.0
  14 #
  15 # Unless required by applicable law or agreed to in writing, software
  16 # distributed under the License is distributed on an "AS IS" BASIS,
  17 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  18 # See the License for the specific language governing permissions and
  19 # limitations under the License.
  20 #
  21 #
  22 #
  23 # Unless otherwise specified, all documentation contained herein is licensed
  24 # under the Creative Commons License, Attribution 4.0 Intl. (the "License");
  25 # you may not use this documentation except in compliance with the License.
  26 # You may obtain a copy of the License at
  27 #
  28 #             https://creativecommons.org/licenses/by/4.0/
  29 #
  30 # Unless required by applicable law or agreed to in writing, documentation
  31 # distributed under the License is distributed on an "AS IS" BASIS,
  32 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  33 # See the License for the specific language governing permissions and
  34 # limitations under the License.
  35 #
  36 # ============LICENSE_END============================================
  37 #
  38 # ECOMP is a trademark and service mark of AT&T Intellectual Property.
  39 #
  40
  41 """
  42 test_allowed_address_pairs_format
  43 """
  44
  45 import re
  46
  47 import pytest
  48 import yaml
  49
  50 from .utils.network_roles import get_network_role_from_port, property_uses_get_resource
  51
  52 VERSION = "1.0.0"
  53
  54 # pylint: disable=invalid-name
  55
  56
  57 def test_allowed_address_pairs_format(heat_template):
  58     """
  59     Make sure all allowed_address_pairs properties follow the allowed
  60     naming conventions
  61     """
  62     allowed_formats = [
  63         [
  64             "allowed_address_pairs",
  65             "string",
  66             "internal",
  67             re.compile(r"(.+?)_int_(.+?)_floating_v6_ip"),
  68         ],
  69         [
  70             "allowed_address_pairs",
  71             "string",
  72             "internal",
  73             re.compile(r"(.+?)_int_(.+?)_floating_ip"),
  74         ],
  75         [
  76             "allowed_address_pairs",
  77             "string",
  78             "external",
  79             re.compile(r"(.+?)_floating_v6_ip"),
  80         ],
  81         [
  82             "allowed_address_pairs",
  83             "string",
  84             "external",
  85             re.compile(r"(.+?)_floating_ip"),
  86         ],
  87         [
  88             "allowed_address_pairs",
  89             "string",
  90             "internal",
  91             re.compile(r"(.+?)_int_(.+?)_v6_ip_\d+"),
  92         ],
  93         [
  94             "allowed_address_pairs",
  95             "string",
  96             "internal",
  97             re.compile(r"(.+?)_int_(.+?)_ip_\d+"),
  98         ],
  99         ["allowed_address_pairs", "string", "external", re.compile(r"(.+?)_v6_ip_\d+")],
 100         ["allowed_address_pairs", "string", "external", re.compile(r"(.+?)_ip_\d+")],
 101         [
 102             "allowed_address_pairs",
 103             "comma_delimited_list",
 104             "internal",
 105             re.compile(r"(.+?)_int_(.+?)_v6_ips"),
 106         ],
 107         [
 108             "allowed_address_pairs",
 109             "comma_delimited_list",
 110             "internal",
 111             re.compile(r"(.+?)_int_(.+?)_ips"),
 112         ],
 113         [
 114             "allowed_address_pairs",
 115             "comma_delimited_list",
 116             "external",
 117             re.compile(r"(.+?)_v6_ips"),
 118         ],
 119         [
 120             "allowed_address_pairs",
 121             "comma_delimited_list",
 122             "external",
 123             re.compile(r"(.+?)_ips"),
 124         ],
 125     ]
 126
 127     with open(heat_template) as fh:
 128         yml = yaml.load(fh)
 129
 130     # skip if resources are not defined
 131     if "resources" not in yml:
 132         pytest.skip("No resources specified in the heat template")
 133
 134     # check both valid and invalid patterns to catch edge cases
 135     invalid_allowed_address_pairs = []
 136
 137     for v1 in yml["resources"].values():
 138         if (
 139             not isinstance(v1, dict) or
 140                 "properties" not in v1 or
 141                 v1.get("type") != "OS::Neutron::Port" or
 142                 property_uses_get_resource(v1, "network")
 143         ):
 144             continue
 145         network_role = get_network_role_from_port(v1)
 146
 147         v2 = v1["properties"].get("allowed_address_pairs", {})
 148         for v3 in v2:
 149             if "ip_address" not in v3 or "get_param" not in v3["ip_address"]:
 150                 continue
 151
 152             param = v3["ip_address"]["get_param"]
 153             if isinstance(param, list):
 154                 param = param[0]
 155
 156             for v4 in allowed_formats:
 157                 # check if pattern matches
 158                 m = v4[3].match(param)
 159                 if m:
 160                     if (
 161                         v4[2] == "internal" and
 162                             len(m.groups()) > 1 and
 163                             m.group(2) == network_role
 164                     ):
 165                         break
 166                     elif (
 167                         v4[2] == "external"
 168                         and len(m.groups()) > 0
 169                         and m.group(1).endswith("_" + network_role)
 170                     ):
 171                         break
 172             else:
 173                 invalid_allowed_address_pairs.append(param)
 174
 175     assert not set(
 176         invalid_allowed_address_pairs
 177     ), "invalid_allowed_address_pairs %s" % list(set(invalid_allowed_address_pairs))